Primary

Context

Mozilla Firefox for iOS New Tab Spoofing Vulnerability

Vulnerability

A vulnerability in Firefox for iOS versions prior to 147.2.1 allows malicious scripts to disrupt the loading of new tab pages. This interruption can create a desynchronization between the address bar and the displayed page content. As a result, an attacker could spoof arbitrary HTML under a trusted domain.

Impact

Exploitation of this vulnerability could lead to website spoofing under trusted domains in the user's browser.

Remediation

Users can upgrade to Firefox for iOS version 147.2.1 to address this vulnerability.

Added: Feb 16, 2026, 3:22 PM

Updated: Feb 16, 2026, 3:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.8

remediation

0.0

relevance

3.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.8

remediation

0.0

relevance

3.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mozilla Firefox for iOS New Tab Spoofing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating